﻿using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Data;
using System.Data.SqlClient;
using System.Web.UI;
using System.Web.UI.WebControls;

public partial class Admin_User_Info : System.Web.UI.Page
{
    protected void Page_Load(object sender, EventArgs e)
    {

    }
    protected void btnOK_Click(object sender, EventArgs e)
    {
        string oldPass = Assistant.GetMD5(txtPassword.Text.Trim());
        string newPass = Assistant.GetMD5(txtNewPass.Text.Trim());
        //string checkPass = txtCheckPass.Text.Trim();
        string sql = "select userName from User_Admin where userID=@userID and userPwd=@userPwd";
        SqlParameter[] para ={
                                new SqlParameter("@userID",SqlDbType.NVarChar,20),
                                new SqlParameter("@userPwd",SqlDbType.NVarChar,32)
                            };
        para[0].Value = Session["Uid"].ToString();
        para[1].Value = oldPass;
        string userName = DataAccess.GetNo1(sql, para);
        //判断是否登录成功
        if (userName != "" && userName != "false_0")
        {
            
            string sql1 = "update User_Admin set userPwd=@userNewPass where userID=@userID1";
            SqlParameter[] para1 ={
                                    new SqlParameter("@userNewPass",SqlDbType.NVarChar,32),
                                    new SqlParameter("@userID1",SqlDbType.NVarChar,20)
                                 };
            
            para1[0].Value = newPass;
            para1[1].Value = Session["Uid"].ToString();
            //DataAccess.ExecuteSQL(sql1, null);
            if (DataAccess.GetCount(sql1, para1) > 0)
            {
                Response.Write("<script>alert('修改密码成功！');location.href='AD_Right.aspx';</script>");
            }
        }
        else
        {
            lblCheck.Text = "*原始密码不正确，请重新输入！";
        }
    }
}